PRISM is an all-purpose, next generation NFT marketplace developed by NuPay Technologies.
PRISM allows creators to publish and sell their artworks to buyers who can either collect or resell them. The platform has already attracted many popular artists such as Leena Al Ayoobi, Arthur Pardini, Léo Caillard, Christophe Vacher, and Daniel Cheong.
The customer wanted to make sure that their system was 100% secured on the smart contract side.
Our blockchain professionals have analyzed PRISM smart contracts, identified key pain points, bugs, and vulnerabilities, and given advice on how to keep the platform running smoothly. We fixed all the issues detected and afterwards successfully passed a smart contract audit conducted by a third party.
We started our work by studying the project. It was especially important to keep the original user flow designed by the client.
Notably, the process of selling and buying NFTs on PRISM is done manually. Here is what it looks like:
The artist publishes their NFT and sets a starting price for it
Users evaluate the particular NFT and send their price proposals to the artist
The artist chooses who they want to sell their NFT to and accepts the offer
The artist receives the payment and sends their NFT to the buyer
Based on this user flow, our client gave us the following tasks:
Provide seamless user flow by allowing artists to collect payment and buyers to receive the NFTs they have purchased
Ensure the automatic return of NFTs and funds to their original state if one of the parties did not fulfill the conditions
Add a migration tool to be able to migrate the history of an existing contract to its updated version in case the community or the client wants to add new functionality or change the flow within the smart contract
Ensure that the tokens issued on PRISM could not be sold on other marketplaces as PRISM itself represents a secondary marketplace
Smart contracts are at the heart of any blockchain-based application as they represent lines of code with transaction conditions embedded in them.
Essentially, they automate transactions, secure the application, and protect the user’s money. Smart contracts also eliminate the participation of any intermediary and the consequent loss of time.
Since large sums of money are transferred through or locked into smart contracts, they often become a target for hackers. Smart contracts should not therefore have any security vulnerabilities, otherwise users run the risk of losing their NFTs and funds — and the platform owner their reputation.
Got an idea? Let’s work together
As the PRISM marketplace is currently running on the Ethereum blockchain, our developers used the Solidity programming language to fix and rewrite smart contracts.
Our team focused on three major points:
Since buying and selling NFTs is done manually, this concept comes with security risks. We detected more than 20 minor/trivial problems in the initial code, which were preventing perfect optimization. We fixed them in order to secure smart contracts and thereby protect the platform and its users.
We were asked to polish smart contracts to eliminate any possibility of malicious actions during the interaction between artists and buyers. We carefully analyzed the code and fixed it so that the parties could not cheat each other in any way.
For example, an artist receives an offer from a buyer and accepts it. The buyer sends their money to the artists, but there is no sign of the NFT for 48 hours. In this case, the buyer will receive their money back. If the artist sends their NFT to the buyer, but the buyer does not confirm receipt of the token, the buyer will receive their money back and the artist will still have their NFT.
Thus, smart contracts define and record every step that the buyer and seller take. If the conditions are not met, the smart contract will return everything to its original state and no one will lose anything.
We debugged and rewrote smart contracts in such a way that it is now completely impossible to sell NFTs issued by PRISM on any other marketplace.
Once the smart contracts were successfully corrected, they were audited by a third party company. No critical errors were found. Several problems were associated with the original architecture of the project. Other issues were resolved by our team.
When working on our client's smart contracts, we followed these four steps:
The PixelPlex and NuPay Technologies collaboration on the PRISM NFT marketplace has been fruitful and has helped the client bring about meaningful transformation to their platform. The marketplace has been operating since February 2022, and our team is proud to have contributed to the project by auditing its smart contracts.
Our work with NuPay Technologies will continue as we both strive to advance blockchain technology and make the world better through innovation.